First version of the inline highlight calculation

src/rule.cc

@@ -356,8 +356,7 @@ std::list<std::pair<std::shared_ptr<std::string>,
                 if (multiMatch == true) {
                     if (*newValue != *value) {
                         ret.push_back(std::make_pair(
-                            newValue,
-                                          transStr));
+                            newValue, transStr));
                     }
                 }
                 value = std::shared_ptr<std::string>(newValue);
@@ -386,8 +385,7 @@ std::list<std::pair<std::shared_ptr<std::string>,
             if (multiMatch == true) {
                 if (*value != *newValue) {
                     ret.push_back(std::make_pair(
-                        newValue,
-                                      transStr));
+                        newValue, transStr));
                     value = newValue;
                 }
             }

src/rule_message.cc

@@ -20,9 +20,40 @@
 #include "modsecurity/modsecurity.h"
 #include "modsecurity/transaction.h"
 #include "src/utils/string.h"
+#include "src/utils/regex.h"
+#include "modsecurity/actions/action.h"
+#include "src/actions/transformations/transformation.h"
 
 namespace modsecurity {
 
+RuleMessage::RuleMessage(Rule *rule, Transaction *trans) :
+    m_accuracy(rule->m_accuracy),
+    m_buf(""),
+    m_clientIpAddress(trans->m_clientIpAddress),
+    m_data(""),
+    m_disruptiveMessage(""),
+    m_id(trans->m_id),
+    m_isDisruptive(false),
+    m_match(""),
+    m_maturity(rule->m_maturity),
+    m_message(""),
+    m_noAuditLog(false),
+    m_opValue(""),
+    m_phase(rule->m_phase - 1),
+    m_reference(""),
+    m_rev(rule->m_rev),
+    m_rule(rule),
+    m_ruleFile(rule->m_fileName),
+    m_ruleId(rule->m_ruleId),
+    m_ruleLine(rule->m_lineNumber),
+    m_saveMessage(true),
+    m_serverIpAddress(trans->m_serverIpAddress),
+    m_severity(0),
+    m_uriNoQueryStringDecoded(trans->m_uri_no_query_string_decoded),
+    m_varValue(""),
+    m_ver(rule->m_ver) { }
+
+
 std::string RuleMessage::disruptiveErrorLog(const RuleMessage *rm) {
     std::string msg;
 
@@ -78,6 +109,7 @@ std::string RuleMessage::noClientErrorLog(const RuleMessage *rm) {
     return modsecurity::utils::string::toHexIfNeeded(msg);
 }
 
+
 std::string RuleMessage::errorLogTail(const RuleMessage *rm) {
     std::string msg;
 
@@ -89,6 +121,7 @@ std::string RuleMessage::errorLogTail(const RuleMessage *rm) {
     return modsecurity::utils::string::toHexIfNeeded(msg);
 }
 
+
 std::string RuleMessage::errorLog(const RuleMessage *rm) {
     std::string msg;
 
@@ -99,6 +132,7 @@ std::string RuleMessage::errorLog(const RuleMessage *rm) {
     return msg;
 }
 
+
 std::string RuleMessage::log(const RuleMessage *rm) {
     std::string msg("");
     if (rm->m_isDisruptive) {
@@ -110,4 +144,81 @@ std::string RuleMessage::log(const RuleMessage *rm) {
     return msg;
 }
 
+
+RuleMessageHighlight RuleMessage::computeHighlight(const RuleMessage *rm,
+    const std::string buf) {
+    RuleMessageHighlight ret;
+    Utils::Regex variables("v([0-9]+),([0-9]+)");
+    Utils::Regex operators("o([0-9]+),([0-9]+)");
+    Utils::Regex transformations("t:(?:(?!t:).)+");
+
+    std::string ref(rm->m_reference);
+    std::list<Utils::SMatch> vars = variables.searchAll(ref);
+    std::list<Utils::SMatch> ops = operators.searchAll(ref);
+    std::list<Utils::SMatch> trans = transformations.searchAll(ref);
+
+    std::string varValue;
+
+    while (vars.size() > 0) {
+        std::string value;
+        RuleMessageHighlightArea a;
+        vars.pop_back();
+        std::string startingAt = vars.back().match;
+        vars.pop_back();
+        std::string size = vars.back().match;
+        vars.pop_back();
+        a.m_startingAt = std::stoi(startingAt);
+        a.m_size = std::stoi(size);
+        ret.m_variable.push_back(a);
+
+        if ((stoi(startingAt) + stoi(size)) > buf.size()) {
+            return ret;
+        }
+
+        value = std::string(buf, stoi(startingAt), stoi(size));
+        if (varValue.size() > 0) {
+            varValue.append(" " + value);
+        } else {
+            varValue.append(value);
+        }
+    }
+
+    ret.m_value.push_back(std::make_pair("original value", varValue));
+    while (trans.size() > 0) {
+        modsecurity::actions::transformations::Transformation *t;
+        std::string varValueRes;
+        std::string transformation = trans.back().match.c_str();
+        t = actions::transformations::Transformation::instantiate(
+            transformation);
+
+        varValueRes = t->evaluate(varValue, NULL);
+        varValue.assign(varValueRes);
+        ret.m_value.push_back(std::make_pair(transformation, varValue));
+        trans.pop_back();
+        delete t;
+    }
+
+    while (ops.size() > 0) {
+        RuleMessageHighlightOperator o;
+        ops.pop_back();
+        std::string startingAt = ops.back().match;
+        ops.pop_back();
+        std::string size = ops.back().match;
+        ops.pop_back();
+
+        if ((stoi(startingAt) + stoi(size)) > buf.size()) {
+            return ret;
+        }
+
+        o.m_area.m_startingAt = std::stoi(startingAt);
+        o.m_area.m_size = std::stoi(size);
+        o.m_value.assign(std::string(varValue, o.m_area.m_startingAt,
+            o.m_area.m_size));
+        ret.m_op.push_back(o);
+    }
+
+    return ret;
+}
+
+
 }  // namespace modsecurity

src/transaction.cc

@@ -1504,6 +1504,45 @@ std::string Transaction::toOldAuditLogFormat(int parts,
 }
 
 
+std::string Transaction::toBuf() {
+    std::string a;
+
+    a.append(*m_variableRequestMethod.evaluate());
+    a.append(" ");
+    a.append(m_uri);
+    a.append(" HTTP/");
+    a.append(m_httpVersion);
+    a.append("\n");
+    std::vector<const collection::Variable *> l;
+    m_variableRequestHeaders.resolve(&l);
+    for (auto h : l) {
+        size_t pos = strlen("REQUEST_HEADERS:");
+        a.append((h->m_key.c_str() + pos));
+        a.append(": ");
+        a.append((h->m_value.c_str()));
+    }
+
+    a.append("\n\n");
+    if (this->m_requestBody.str().length() > 0) {
+        a.append(this->m_requestBody.str().c_str());
+        a.append("\n\n");
+    }
+#if 0
+    l.clear();
+    m_variableResponseHeaders.resolve(&l);
+    for (auto h : l) {
+        size_t pos = strlen("RESPONSE_HEADERS:");
+        a.append((h->m_key->c_str() + pos));
+        a.append(": ");
+        a.append((h->m_value->c_str()));
+    }
+    a.append("\n\n");
+    a.append(this->m_responseBody.str().c_str());
+#endif
+    return a;
+}
+
+
 std::string Transaction::toJSON(int parts) {
 #ifdef WITH_YAJL
     const unsigned char *buf;